Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Time to start a project to build open source USB sticks…

    Scheduled Pinned Locked Moved Off-Topic & Non-Support Discussion
    2 Posts 2 Posters 811 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      Mr. Jingles
      last edited by

      I didn't even know USB-sticks had firmware  ???

      http://www.tripwire.com/state-of-security/security-data-protection/danger-usb/

      6 and a half billion people know that they are stupid, agressive, lower life forms.

      1 Reply Last reply Reply Quote 0
      • E
        Elludium_Q-36
        last edited by

        It is disturbing, but not "late breaking news".
        See:
        https://hakshop.myshopify.com/products/usb-rubber-ducky-deluxe

        • It's one thing, letting another have physical access to your device…  With something like the "Rubber Ducky", you might never guess what's happening.

        • It's quite another, to be the unwitting agent of the undoing of your own security schema.

        I would hope there would e a way to countermand such malicious firmware, and re-flash.

        Yes, also, a few years ago, I bought a Sandisk U3 Cruzer flashdrive.  I didn't like what I found!:
        http://www.google.com/search?lr=lang_en&hl=en&q=U3+AND+Sandisk+AND+evil

        On Ubuntu Linux, I found package: u3-tool
        @u3-tool:

        tool for controlling the special features of a U3 USB flash disk

        Tool for controlling USB flash devices that conform to the U3 specifications.
        You can do the following with your U3 flash:

        • Replace the CD image
        • Change the size of the virtual CD or completely remove it
        • Enable and disable security
        • Unlock and change the password of secured U3 device
        • Obtain various device information

        I believe I still have the demon seed, and need to run it through the u3-tool grinder.
        http://packages.ubuntu.com/search?keywords=u3-tool

        Here, see how THESE grab ya!!!

        http://en.wikipedia.org/wiki/Splashtop_Remote 
        http://en.wikipedia.org/wiki/Splashtop

        I bought a used Dell XPS series desktop, without a hard drive.  On the top of the tower case, is an LCD screen, that had a game of MS Windows "Solitare" going.  Disabling the device in B.I.O.S. did NOT always mean this evil was vanquished and exorcised, not for EVERY boot.  I found where the ribbon cable header WAS attached to the motherboard, but I'm still not confident.  I also pulled the WiFi card & Bluetooth, because neither could be effectively and consistently managed, or killed/downed via software.

        Maybe I'll convert to using a "Hipster PDA" ;)

        https://en.wikipedia.org/wiki/Hipster_PDA

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.